23 Jul
2015
23 Jul
'15
10:04 p.m.
On Thu, Jul 23, 2015 at 01:19:44PM -0400, m.roth@5-cent.us wrote:
I really am going crazy, trying to deal with the hourly logs from the loghost. We've got 170+ servers and workstations... but a *very* large percentage of what's showing up is from his bloody new fedora 22, with its idiot systemd logging of *ever* selinux message to /var/log/messages.
systemctl enable auditd systemctl start auditd
Now your SELinux (and other audit) logs are going to /var/log/audit/audit.log.
--
Jonathan Billings billings@negate.org